Reputation: 85
Redirect visitors to another page if accessed directly using PHP
I have a register.php page, which allows visitors to register to become certain users. If they meet all requirements set by the form validation, they will be redirect to another page, called thankyou.php page.
My question is if anyone tries to visit the thankyou.php page directly without going through/ from the register.php page, then it should redirect them back to the register.php page again.
Note: I know how to use the $_session = array(); for the logged-in users, and header() function very well. Once again, the question here requires some kind of research on how to restrict visitors from accessing thankyou.php directly (because visitors have not become users of the website yet).
Please don't guide me in jquery or javascript or any other languages. I need your help in php.
Thank you!
Upvotes: 2
Views: 847
Answers (4)
Reputation: 77
One simple way for acheiving what you want is to send a session variable from register.php to thankyou.php. Sessions are a good way for permissions.
In register.php -> $_SESSION['myvariable'] = 'something'. then in thankyou.php you'll have access to the session variable and if the variable is set then you can stay in that page or do whatever you'll like. Keep in mind that you'll have to resume the session with session_start() in each page.
Upvotes: 0
Reputation: 1221
you can check $_SERVER['HTTP_REFERRER'] in your thankyou.php .
if($_SERVER['HTTP_REFERRER'] != 'your referrer page'){
header('location: yourtarget.php');
die();
}
also using session is better way .
Upvotes: 0
Reputation: 59
In register.php you can set a key in the $_SESSION. For example
$_SESSION['justRegistered'] = true;
And the check for it in thankyou.php
if (!empty($_SESSION['justRegistered'])) {
unset($_SESSION['justRegistered']);
// Say Thank You
} else {
header('Location: ... register.php');
}
Upvotes: 4
Reputation: 27042
You have to check first if the $_SESSION variable associated with the correct redirect to thankyou.php is setted.
After that, you have to check if the user $_SERVER['HTTP_REFERER'] meets the requirements, that is if $_SERVER['HTTP_REFERER'] (that contains the referral url) ends with register.php and the domain is your domain.
I suggest you to do something like (I'm assuming you defined a constant YOUR_HOST and used a session variable ok. Change it with yours as well):
if(empty($_SESSION['ok']) || empty($_SERVER['HTTP_REFERER'])) {
die(header('Location /register.php'));
}
$url = parse_url($_SERVER['HTTP_REFERER']);
if($url['host'] !== YOUR_HOST || $url['path'] !== 'register.php') {
die(header('Location /register.php'));
}
// else show the thankyou page content
Upvotes: 0
Related Questions
- How do I make a redirect in PHP?
- How to calculate the difference between two dates using PHP?
- "Notice: Undefined variable", "Notice: Undefined index", "Warning: Undefined array key", and "Notice: Undefined offset" using PHP
- Is there a function to make a copy of a PHP array to another?
- Clear cache or cookies when user logout
- Redirect Woocommerce my-account page to another page
- How to restrict an entire WordPress site to visitors, but the register and login page?
- How to redirect logged out users to different page in WordPress
- How to force all the visitors to redirect to one page first then can continue to the other page